﻿using Microsoft.AspNetCore.Authentication.Cookies;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.

builder.Services.AddControllers();

//添加Cookie授权
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
                .AddCookie(options => 
                {
                    //登陆地址
                    options.LoginPath = "/Auth/Login";
                    //禁止访问地址
                    options.AccessDeniedPath = "/Auth/AccessDenied";
                    //Cookie过期时间
                    options.ExpireTimeSpan = TimeSpan.FromMinutes(20);
                    //校验过期
                });

builder.Services.AddAuthorization(options =>
{
    //Claim中携带Admin即可通过认证
    //options.AddPolicy("Admin", policy =>policy.RequireClaim("Admin"));

    //Role角色为Admin通过认证
    options.AddPolicy("Admin", policy => policy.RequireRole("Admin"));
});

builder.Services.AddMvcCore();
builder.Services.AddControllersWithViews();

var app = builder.Build();

// Configure the HTTP request pipeline.

app.UseHttpsRedirection();

app.UseAuthentication();
app.UseAuthorization();

app.MapControllers();

app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Home}/{action=Index}/{id?}");

app.Run();
